package cn.tedu.jdbc;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Scanner;


//1' or '1' = '1
public class JDBCDemo6 {
    public static void main(String[] args) {
        Scanner scan=new Scanner(System.in);
        System.out.println("请输入用户名~");
        String userName=scan.nextLine();
        System.out.println("请输入密码~");
        String passWord=scan.nextLine();
       /* try( Connection connection=DBUtil.getConnextion("tedu")){
            String sql="select username ,password from userinfo where username=? and password=?";
            PreparedStatement p=connection.prepareStatement(sql);
            p.setString(1,userName);
            p.setString(2,passWord);
            ResultSet r=p.executeQuery();
            if (r.next()){
                System.out.println("登陆成功！欢迎你 "+userName);
            }else{
                System.out.println("用户名或密码错误!");
            }
        } catch (SQLException e) {
            throw new RuntimeException(e);
        }*/
        try(Connection connection=DBUtil.getConnextion("tedu");) {
            String sql="select username,password  from userinfo where username=? and password=?";
            PreparedStatement ps=connection.prepareStatement(sql);
            ps.setString(1,userName);
            ps.setString(2,passWord);
            ResultSet r=ps.executeQuery();
            if (r.next()){
                System.out.println("恭喜你！ 登陆成功！ 欢迎 "+userName);
            }else{
                System.out.println("用户名或密码错误！");
            }
        } catch (SQLException e) {
            throw new RuntimeException(e);
        }
    }
}
